I come to you after a desperate disappointing search online for an answer to my question: Which one is faster: LDAP or Relational Database?
I need to setup a system with both authentication and authorization of users. I know LDAP has the "structure" for that kind of need, but is it really faster than, say, MySQL?
LDAP search is based on tree data structure which makes it faster than a relational database where search is sequential.
In other words, an LDAP information directory is a type of database, but it's not a relational database.
The Lightweight Directory Access Protocol, or LDAP for short, is one of the core authentication protocols that was developed for directory services. LDAP historically has been used as a database of information, primarily storing information like: Users. Attributes about those users.
LDAP is an open, vendor-neutral application protocol for accessing and maintaining that data. LDAP can also tackle authentication, so users can sign on just once and access many different files on the server. LDAP is a protocol, so it doesn't specify how directory programs work.
For authentication and authorization purposes, in my opinion LDAP provides the best mix between performance and simplicity or installation and maintenance. LDAP as a protocol is quite small, requiring relatively little network bandwidth. The small protocol also makes encrypted transmission fairly high-performance.
LDAP is also simple, servers are easy to deploy, and modern, professional-quality LDAP servers provide impressive performance vs. relational database, all other things being equal such as hardware and query type.
I agree that either could be used in your case, but generally LDAP is better for authentication and authorization because of its simplicity and lower maintenance costs. As for performance, the LDAP server with which I am testing provides about 28,000 authentications per second vs. postgres providing about 42% of that number on the same hardware, though it is difficult to compare apples and oranges.
Modern professional-quality LDAP servers also provide extremely powerful and fast cryptographic hashes for secure password storage - as well as reasonably strong reversible block ciphers like AES in the event a reversible password is required if the client must SASL's DIGEST-MD5 mechanism for password-less authentication.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With